BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
North Korean Hackers Leverage Malicious NPM Packages for Initial Access
/in General NewsNorth Korean hackers, identified as Moonstone Sleet, have been distributing malicious JavaScript packages on the npm registry to infect Windows systems. The two packages, harthat-api and harthat-hash, were uploaded on July 7, 2024.
Cyware News – Latest Cyber News – Read More
The Role of AI in Cybersecurity Operations
/in General NewsAI can analyze data quickly, detect patterns of malicious behavior, and automate routine tasks like alert triaging and log analysis. However, human oversight is still necessary to ensure the accuracy and relevance of AI-generated insights.
Cyware News – Latest Cyber News – Read More
New Go-based Backdoor GoGra Targets South Asian Media Organization
/in General NewsAn unnamed media organization in South Asia was targeted in November 20233 using a previously undocumented Go-based backdoor called GoGra.
“GoGra is written in Go and uses the Microsoft Graph API to interact with a command-and-control (C&C) server hosted on Microsoft mail services,” Symantec, part of Broadcom, said in a report shared with The Hacker News.
It’s currently not clear how it’s
The Hacker News – Read More
Dark Reading News Desk Live From Black Hat USA 2024
/in General NewsThe Dark Reading team once again welcomes the world’s top cybersecurity experts to the Dark Reading News Desk live from Black Hat USA 2024. Tune into the livestream.
darkreading – Read More
The Prevalence of DarkComet in Dynamic DNS
/in General NewsA recent analysis using HYAS Insight threat intelligence revealed a trend in dynamic DNS registrations originating from Turkey in 2024, with DarkComet malware representing over 50% of the malicious domains identified.
Cyware News – Latest Cyber News – Read More
CrowdStrike Reveals Root Cause of Global System Outages
/in General NewsCybersecurity company CrowdStrike has published its root cause analysis detailing the Falcon Sensor software update crash that crippled millions of Windows devices globally.
The “Channel File 291” incident, as originally highlighted in its Preliminary Post Incident Review (PIR), has been traced back to a content validation issue that arose after it introduced a new Template Type to enable
The Hacker News – Read More
Replacement for Action Fraud, UK’s Cybercrime Reporting Service, Delayed Again Until 2025
/in General NewsThe new service, known as the Fraud and Cyber Crime Reporting and Analysis System (FCCRAS), will enhance the reporting process by allowing users to upload additional information like metadata, screenshots, and images.
Cyware News – Latest Cyber News – Read More
Florida Firm Sued Over Theft of 2.9B Personal Records
/in General NewsA class-action lawsuit is brewing over the cyber-heist of 2.9 billion personal records that were stolen from a Florida data broker, Jerico Pictures, doing business as National Public Data, and sold on the dark web.
Cyware News – Latest Cyber News – Read More
CISA Adds Microsoft COM for Windows Bug to its Known Exploited Vulnerabilities Catalog
/in General NewsThe vulnerability, tracked as CVE-2018-0824, arises from the deserialization of untrusted data. Microsoft warns that this flaw could lead to remote code execution if exploited by a specially crafted file or script.
Cyware News – Latest Cyber News – Read More
Police Recover Over $40m Headed to BEC Scammers
/in General NewsA Singaporean commodity firm has had a narrow escape after police managed to intervene to recover nearly all of the $42.3m lost to fraudsters in a business email compromise (BEC) scam.
Cyware News – Latest Cyber News – Read More